Service provider story about tracking down TCP RSTs

• Subject: Service provider story about tracking down TCP RSTs
• From: bjorn at mork.no (Bjørn Mork)
• Date: Sun, 02 Sep 2018 12:06:24 +0200
• In-reply-to: <CA[email protected]> (William Herrin's message of "Sat, 1 Sep 2018 16:54:07 -0400")
• References: <[email protected]> <CAP-guGX=Sg[email protected]> <CA[email protected]>

William Herrin <bill at herrin.us> writes:

> BTW, for anyone concerned about an explosion in state management
> overhead, the TL;DR version is: the anycast node which first accepts
> the TCP connection encodes its identity in the TCP sequence number
> where all the other nodes can statelessly find it in the subsequent
> packets.

I didn't see a security section in your document.  Did you consider the
side effects of this sequence number abuse?


Bjørn

• Follow-Ups:
  • Service provider story about tracking down TCP RSTs
    • From: bill at herrin.us (William Herrin)

• References:
  • Service provider story about tracking down TCP RSTs
    • From: frnkblk at iname.com (frnkblk at iname.com)
  • Service provider story about tracking down TCP RSTs
    • From: bill at herrin.us (William Herrin)
  • Service provider story about tracking down TCP RSTs
    • From: bill at herrin.us (William Herrin)

• Prev by Date: automatic rtbh trigger using flow data
• Next by Date: Service provider story about tracking down TCP RSTs
• Previous by thread: Service provider story about tracking down TCP RSTs
• Next by thread: Service provider story about tracking down TCP RSTs
• Index(es):
  • Date
  • Thread